exploitDog

CVE-1999-1229

Опубликовано: 25 фев. 1998

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file.

Ссылки

http://www.securityfocus.com/archive/1/8590
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/733
http://www.securityfocus.com/archive/1/8590
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/733

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:id_software:quake_2_server:*:*:*:*:*:*:*:*

Версия до 3.13 (включая)

EPSS

Процентиль: 20%

0.00062

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-xq49-p575-q243

github

около 3 лет назад

Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file.

EPSS

Процентиль: 20%

0.00062

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other